Running Containers as Root User Should be Avoided
Description:
Containers shouldn't run as root users in your Kubernetes cluster. Running a process as the root user inside a container runs it as root on the host. If there's a compromise, an attacker has root in the container, and any misconfigurations become easier to exploit.
Solution:
1. From the Unhealthy resources tab, select the cluster. Security Center lists the pods running containers missing the 'MustRunAsNonRoot' rule.
2. For these pods, add the rule 'MustRunAsNonRoot' in a runAsUser section of the container's spec.
3. After making your changes, redeploy the pod with the updated rule.
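
Before redeploying, the updated manifest can be checked offline. The following is an added example, not Security Center's or the page's own code; it assumes the non-root rule is expressed through the pod-spec `securityContext` fields `runAsNonRoot` and `runAsUser`, and the manifest, `audit_pod` and the finding strings are constructed for illustration.

```python
import json

# Constructed sample pod manifest (JSON form of the YAML); not from the page.
SAMPLE_POD = json.loads("""
{
  "kind": "Pod",
  "metadata": {"name": "web"},
  "spec": {
    "securityContext": {"runAsNonRoot": true},
    "initContainers": [
      {"name": "init", "image": "example/init:1.0",
       "securityContext": {"runAsUser": 0}}
    ],
    "containers": [
      {"name": "app", "image": "example/app:1.0"},
      {"name": "sidecar", "image": "example/proxy:1.0",
       "securityContext": {"runAsNonRoot": false}}
    ]
  }
}
""")


def audit_pod(pod):
    """Return (container_name, reason) for each container that may run as root."""
    spec = pod.get("spec", {})
    pod_sc = spec.get("securityContext") or {}
    findings = []
    for c in spec.get("initContainers", []) + spec.get("containers", []):
        # Container-level securityContext fields override pod-level ones.
        sc = {**pod_sc, **(c.get("securityContext") or {})}
        uid, non_root = sc.get("runAsUser"), sc.get("runAsNonRoot")
        if uid == 0:
            # Explicit root UID; with runAsNonRoot=true the kubelet would
            # refuse to start the container, so it is a finding either way.
            findings.append((c["name"], "runAsUser is 0 (root)"))
        elif non_root is True or (uid is not None and uid > 0):
            continue  # non-root is enforced or an explicit non-zero UID is set
        else:
            findings.append((c["name"], "non-root not enforced; image USER decides"))
    return findings


if __name__ == "__main__":
    for name, reason in audit_pod(SAMPLE_POD):
        print(f"{SAMPLE_POD['metadata']['name']}/{name}: {reason}")
```

The check covers init containers as well, since a pod-level setting can be silently overridden by a single container's own `securityContext`.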